[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

TransPort = privacy issue


#1

Why does whonix Gateway allows TransPort by default? For convenience? It is security and privacy issue. If you use botnet OS like Windows for Whonix-Workstation, it can communicate with NSA or Microsoft easily, since all traffic will just be sent through Tor by TransPort.

However, TransPort allows to use socks proxies in TBB, so not sure if to disable it.


Traffic monitoring and better control
#2

Historically grown like this.

During the early days of TorBOX development, there was only TransPort, no SocksPorts at all since we were not aware yet of stream isolation. So stream isolation was an afterthought.

Never questioned by anyone in the history of the project.

Then also it’s Whonix, Anonymous Operating System. The default is for an operating system. So system default networking is functional.

Changing TransPort now from enabled by default to disabled by default would confuse a lot users. So I am hesitant changing that. Not a good out of the box user experience.

Yes. Using Windows is a mistake to begin with. Indeed, our https://www.whonix.org/wiki/Other_Operating_Systems should advice to disable TransPort when using a Windows-Workstation.

Is above the only reason?


#3

@Patrick @anon21694904 Could you please explain why the windows-workstation issue is possible with TransPort but not with SocksPort?

Do you refer to correlation of activities inside the Windows-Workstation? anything else?


#6

Deleted user with offending user name:

Windows is a spyware, it connects to Microsoft and NSA servers, can send your keystrokes or screenshots to them. Or download new backdoors and install them without your consent.
But all this things Windows does through clearnet, so if you have TransPort enabled, it will work, but with TransPort disabled it won’t work, as Windows spyware won’t have internet connection. Windows doesn’t know about SocksPort.

Windows spyware won’t have internet connection. Windows doesn’t know about SocksPort. indeed.

Deleted user with offending user name:

Maybe just like Tor Browser has Security slider (Low/Medium/High), Whonix-Gateway and/or Whonix-Workstation could have something like this?
So by default Whonix-Gateway would allow TransPort, but in High security setting it would disable it. Other things could also differ depending on Normal / High security setting

Something like that would be nice.

https://www.whonix.org/wiki/FAQ#Patches_are_Welcome

related:
Whonix Control Panel
https://phabricator.whonix.org/T89

Deleted user with offending user name:

So if using Windows-Workstation, you should disable TransPort and only use proxy settings in applications you want to use (like Tor Browser), set them to use SocksPort (each per application).

Yes.

Deleted user with offending user name:

The second reason is TransPort sends all traffic through one circuit (does it?),

Yes. Good reason.

so users could just install many applications and use them without proxy settings, being unaware that there is no stream isolation. Disabling TransPort would force users to set proxy settings or use TorSocks.

Yes.

But I agree that users might get frustrated that software in Whonix doesn’t work and stop using it or come here to complain. So let’s keep TransPort activated by default.

Indeed.